•The crontab program is the program used to install, deinstall, or list the tables used to drive
the cron daemon. Users can have their own crontab files that set up the time and
frequency of execution, as well as the command or script to execute.
•The gpasswd command administers the /etc/group file and /etc/gshadow file if
compiled with SHADOWGRP defined. The gpasswd command allows system
administrators to designate group administrators for a particular group. Refer to the
gpasswd man page for more detailed information.
•The login program is used when signing on to a system. If root is trying to log in, the
program makes sure that the login attempt is being made from a secure terminal listed in
/etc/securetty. The login program prompts for the password and turns off the terminal
echo in order to prevent the password from being displayed as the user types it. The login
program then verifies the password for the account; although three attempts are allowed
before login dies, the response becomes slower after each failed attempt. Once the password
is successfully verified, various password aging restrictions, which are set in the
/etc/login.defs file, are checked. If the password age is satisfactory, then the program
sets the user ID and group ID of the process, changes the current directory to the user’s home
directory, and executes a shell specified in the /etc/passwd file. Refer to the login man
page for more detailed information.
•The passwd command updates a user’s authentication tokens, and is configured to work
through the PAM API. It then configures itself as a password service with PAM, and uses
configured password modules to authenticate and then update a user’s password. The
passwd command turns off terminal echo while the user is typing the old as well as the new
password, in order to prevent displaying the password typed by the user. Refer to the
passwd man page for more detailed information.
•The su command allows a user to run a shell with substitute user and group IDs. It changes
the effective user and group IDs to those of the new user. Refer to the su man page for more
detailed information.
•The following are trusted programs that do not fit into the above 2 categories.
•The alternative Linux form of getty, agetty opens a tty port, prompts for a login name, and
invokes the /bin/login command. The /sbin/init program invokes it when the system
becomes available in a multi-user mode.
•The amtu program is a special tool provided to test features of the underlying hardware that the
TSF depends on. The test tool runs on all hardware architectures that are targets of evaluation
and reports problems with any underlying functionalities.
•In addition to setting the audit filter rules and watches on file system objects, auditctl can be used
to control the audit subsystem behavior in the kernel when auditd is running. Only an
administrative user is allowed to use this command.
•The ausearch command finds audit records based on different criteria from the audit log. Only
an administrative user is allowed to use this command.
•aureport produces reports of the audit system logs.
•The init program is the first program to run after the kernel starts running. It is the parent of all
processes, and its primary role is to create processes from a script stored in the /etc/inittab file.
This file usually has entries that cause init to spawn getty on each line that users can log in.
•The chsh command allows users to change their login shells. If a shell is not given on the
command line, chsh prompts for one.
27